CVE-2023-53741
Published: 10 December 2025
Description
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
Mitigating Controls (NIST 800-53 r5) (AI)
Requires mechanisms to protect communications session authenticity, directly preventing replay attacks exploiting IP-bound session identifiers.
Mandates automatic session termination after defined conditions, reducing the window for interception and reuse of vulnerable sessions.
Requires re-authentication for specific actions or time intervals, limiting damage from unauthorized reuse of compromised sessions.
Security Summary (AI)
CVE-2023-53741 is a weak session management vulnerability (CWE-384) in Screen SFT DAB version 1.9.3, where session identifiers are bound to IP addresses. This flaw allows attackers to bypass authentication controls by intercepting and reusing established session identifiers via the vulnerable API. The vulnerability carries a CVSS v3.1 base score of 8.1 (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), highlighting high integrity and availability impacts with no confidentiality loss.
Attackers with adjacent network access can exploit this without privileges or user interaction by capturing a valid session from a legitimate user and replaying the IP-bound session ID to the API. Successful exploitation enables unauthorized actions, such as removing user accounts, compromising system integrity and availability.
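The weakness described above, next to a server-side design that applies the three mitigating controls listed earlier (session authenticity, session termination, re-authentication). This is an added illustration, not code from Screen SFT DAB or from the advisory; the class names, action names and timeout values are assumptions.

```python
import secrets
import time

IDLE_TIMEOUT = 300             # seconds of inactivity before termination (assumed value)
REAUTH_WINDOW = 60             # max age of last credential check for sensitive actions (assumed)
SENSITIVE = {"delete_user"}    # hypothetical action name

class WeakSessions:
    """Weak pattern: the client's source IP is the only session identifier."""
    def __init__(self):
        self.by_ip = {}

    def login(self, ip, user):
        self.by_ip[ip] = user

    def authorize(self, ip, action):
        # Every request from a logged-in address is treated as that user.
        return ip in self.by_ip

class HardenedSessions:
    """Random per-login token, idle timeout, re-authentication for sensitive actions."""
    def __init__(self, clock=time.time):
        self.clock = clock
        self.sessions = {}     # token -> {"user", "last_seen", "last_auth"}

    def login(self, user):
        token = secrets.token_urlsafe(32)   # unguessable, not derived from the address
        now = self.clock()
        self.sessions[token] = {"user": user, "last_seen": now, "last_auth": now}
        return token

    def reauthenticate(self, token):
        # Call only after the user's credentials were verified again (not shown here).
        self.sessions[token]["last_auth"] = self.clock()

    def authorize(self, token, action):
        session = self.sessions.get(token)
        if session is None:
            return False                    # no valid token, whatever the source IP
        now = self.clock()
        if now - session["last_seen"] > IDLE_TIMEOUT:
            del self.sessions[token]        # terminate the idle session
            return False
        if action in SENSITIVE and now - session["last_auth"] > REAUTH_WINDOW:
            return False                    # destructive call needs a fresh credential check
        session["last_seen"] = now
        return True
```

The token still has to travel over an authenticated, encrypted channel (TLS); otherwise it can be captured on the adjacent network just as the IP-bound session could.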
Advisories and related resources provide further context: VulnCheck's detailed report (https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-ip-session-management) and vendor pages from DB Broadcast (https://www.dbbroadcast.com and https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/) and Screen (https://www.screen.it). A proof-of-concept exploit is publicly available on Exploit-DB (https://www.exploit-db.com/exploits/51457), underscoring the need to review these resources for patch availability and mitigation guidance.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Vulnerability enables authentication bypass via interception and replay of IP-bound session identifiers on a remote API, directly facilitating remote service exploitation (T1210) and use of stolen web session material (T1550.004).